Authentication
philc edited this page 2025-01-15 17:55:28 +00:00

apXtri access endpoint

Every request to an endpoint must carry the following mandatory headers:

    "exposedHeaders": [
        "xdays",  // 0 or a timestamp
        "xhash",  // anonymous or a signature
        "xalias", // anonymous or a unique user name (alias)
        "xlang",  // en, fr, it, de, ...: 2 letters that define the language of the endpoint feedback
        "xtribe", // a tribe name from the existing list on the apXtri server (smatchit, okwo, ndda, secondeviepc, ...)
        "xapp",   // unique name of a webspace whose public files are stored in {xtribe}/objects/wwws/{xapp}
        "xuuid"   // 0 or a unique id in UUID v4 format, used if anonymous
    ]

Some endpoints require authentication. Authentication is handled by a middleware in apxtri/middleware/isAuthenticated.js. All cryptographic functions used in the frontend or backend come from an OpenPGP library: https://openpgpjs.org/ or https://www.npmjs.com/package/react-native-fast-openpgp

apXtri uses a decentralized authentication system that works without storing any kind of password in the backend.

Authentication and user profile principle

apXtri uses OpenPGP to create a key pair on the device during the registration process. The user must choose a unique alias (one that does not already exist). To register, the user sends the alias, the public key, xdays (the current timestamp) and an xhash that contains the signature of alias_timestamp made with the private key (all of this is processed on the device; the server never knows the private key). The user can also optionally use a passphrase to increase security.

A new user gets the alias and, to authenticate, must provide xhash = messagesignatureof ( {xalias}_{xdays} ), computed with the private key that is stored locally on the device.

The backend checks with the public key that the signature is valid, then returns the user's "profils" list, an array of keywords that grant specific access rights to object items. The profils property is stored in the header of every request (and is always checked by the backend).

The xhash is valid for 24 hours, after which the frontend must refresh it. To optimize the process, we store a substring of the xhash as a temporary file until the user logs out. The logout process removes a valid xhash without waiting 24 hours. Any change to the profils requires a logout followed by a login to refresh them.

For convenience, a user can ask a tribe (like smatchit) to store his credentials, which can then be sent to a specific email only.

Of course, every request to the backend is made over HTTPS (Let's Encrypt certificate) to encrypt the content of the HTTP exchange. After 3 failures a time penalty is applied to prevent brute force.

Profile and access rights on data

A list of profils is defined per tribe. It sets access rights on data (Create, Read, Update, Delete) for any kind of object in the tribe. Every object is described by a JSON schema that respects https://json-schema.org/draft/2020-12; all schemas are stored in {tribe}/schema

In apXtri, access rights can be managed at property level. Every tribe has the following profils:

  • anonymous: anyone who just sends a request
  • owner: the creator of an item of this object schema
  • pagans: a user who has registered a public key with an alias
  • persons: a user who has registered a public key/alias and joined a tribe (joining can be open to anyone or validated by a druids)
  • druids: a manager of a tribe space (web configuration, specific code, ...)
  • mayors: a manager of the server who has access to the adminapi dashboard and can create/update/delete tribe spaces
  • any other profils linked to a tribe that needs specific access rights

For a given object, each profile can be defined with: "C":[] can create an item and becomes its owner; "R":[] able to read all; "R":[propertieA, propertieB] can read only properties A and B; "U":[propertieC,propertieD] can update propertieC and propertieD of an item.

Here is an example of the access rights for a persons object:

    "commentaccessrights": "only a pagans can create a persons by joining a tribe. An owner cans delete and read a list of properties he can update another list, a mayors or a druids can delete or read  only the propertie alias ",
    "apxaccessrights": {
      "owner": {
        "D": [],
        "R": [
          "alias",
          "owner",
          "profils",
          "dt_create",
          "dt_update",
          "dt_lastlogin",
          "dt_birth",
          "emailcom",
          "hobbies",
          "biography",
          "imgavatar",
          "profils"
        ],
        "U": [
          "dt_birth",
          "emailcom",
          "hobbies",
          "biography",
          "imgavatar"
        ]
      },
      "pagans": {
        "C": []
      },
      "mayors": {
        "D": [],
        "R": ["alias"]
      },
      "druids": {
        "D": [],
        "R": ["alias"]
      }
    }
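
The evaluation of these rules, as an added JavaScript example (not apXtri's own code; the function names are hypothetical). It assumes that rights are the union over the caller's profils and that "owner" is derived from item.owner instead of being trusted from the request; the rights object is an excerpt of the persons example above.

```javascript
// Added example, not apXtri code. Assumptions: union of rights over profils,
// and "owner" granted only when item.owner equals the authenticated alias.
const apxaccessrights = { // excerpt of the persons example on this page
  owner: { D: [], R: ["alias", "owner", "profils", "emailcom", "hobbies"],
           U: ["emailcom", "hobbies"] },
  pagans: { C: [] },
  mayors: { D: [], R: ["alias"] },
  druids: { D: [], R: ["alias"] },
};

// Constructed sample item (not real data).
const sample = { alias: "alice", owner: "alice", emailcom: "a@example.org",
                 hobbies: "chess", dt_lastlogin: "2025-01-01" };

// Drop a client-claimed "owner"; add it back only when the item says so.
function effectiveProfils(profils, alias, item) {
  const list = profils.filter((p) => p !== "owner");
  if (item && item.owner === alias) list.push("owner");
  return list;
}

// Returns "ALL" or a Set of property names; an empty Set means no right.
// Action key absent = denied; key present with [] = every property.
function allowedProps(rights, profils, action) {
  const allowed = new Set();
  for (const p of profils) {
    const rule = rights[p];
    if (!rule || !Array.isArray(rule[action])) continue; // right not granted
    if (rule[action].length === 0) return "ALL";
    rule[action].forEach((prop) => allowed.add(prop));
  }
  return allowed;
}

// Read: return only the properties the caller may see, or null if none.
function readItem(rights, profils, alias, item) {
  const allowed = allowedProps(rights, effectiveProfils(profils, alias, item), "R");
  if (allowed === "ALL") return { ...item };
  if (allowed.size === 0) return null;
  return Object.fromEntries(Object.entries(item).filter(([k]) => allowed.has(k)));
}

// Update: refuse the whole patch if any property is outside the "U" list.
function canUpdate(rights, profils, alias, item, patch) {
  const allowed = allowedProps(rights, effectiveProfils(profils, alias, item), "U");
  if (allowed === "ALL") return true;
  const keys = Object.keys(patch);
  return keys.length > 0 && keys.every((k) => allowed.has(k));
}
```

Note that an owner can read "profils" but cannot update it, so a patch that includes "profils" is refused as a whole.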